Microsoft released an emergency Windows update after revealing that one of its trusted digital signatures was being abused to sign the Flame malware that has infected computers in Iran and other Middle Eastern Countries.
These unauthorised digital certificates allowed the Flame developers to make the malware appear as if it was actually created and approved by Microsoft.
"As soon as we discovered the root cause of this issue, we immediately began building a update to revoke the trust placed in the 'Microsoft Enforced Licensing Intermediate PCA' and 'Microsoft Enforced Licensing Registration Authority CA' signing certificates." The TechNet blog post reads.
Here are the thumbprints of the certificates to be placed in the Untrusted Certificates Store.
For further information, read this TechNet blog post.
These unauthorised digital certificates allowed the Flame developers to make the malware appear as if it was actually created and approved by Microsoft.
"As soon as we discovered the root cause of this issue, we immediately began building a update to revoke the trust placed in the 'Microsoft Enforced Licensing Intermediate PCA' and 'Microsoft Enforced Licensing Registration Authority CA' signing certificates." The TechNet blog post reads.
Here are the thumbprints of the certificates to be placed in the Untrusted Certificates Store.
| Certificate | Issued by | Thumbprint |
| Microsoft Enforced Licensing Intermediate PCA | Microsoft Root Authority | 2a 83 e9 02 05 91 a5 5f c6 dd ad 3f b1 02 79 4c 52 b2 4e 70 |
| Microsoft Enforced Licensing Intermediate PCA | Microsoft Root Authority | 3a 85 00 44 d8 a1 95 cd 40 1a 68 0c 01 2c b0 a3 b5 f8 dc 08 |
| Microsoft Enforced Licensing Registration Authority CA (SHA1) | Microsoft Root Certificate Authority | fa 66 60 a9 4a b4 5f 6a 88 c0 d7 87 4d 89 a8 63 d7 4d ee 97 |
For further information, read this TechNet blog post.